As an Information Security Analyst, you will assist in the assessment of technology-related compliance issues across the organization including information security, identity management, user access, and data integrity.
This includes working with systems owners and administrators to identify, document and monitor current risks and controls.
This position will report to the Executive Director of Information Security.
Be the main point of contact for Security Operations (SecOps) and assist on all internal and external audit teams where technology inquiry is required.
Monitor activities of assigned technology areas to ensure compliance with internal policies and procedures including monthly, quarterly, and annual account and activity reviews.
Ensure execution of required testing and auditing activities for SecOps by internal and external parties leading to successful certification of the company on an ongoing basis.
Triage Change Management issues and provide recommendations.
Work collaboratively with Technology teams and Legal teams to identify and manage privacy, data protection risks, and compliance requirements to help meet stakeholder expectations.
Make broad recommendations on improving compliance related processes and/or procedures as it pertains to SecOps.
Partner with management, business teams, and/or data teams to implement solutions.
Degree in a business-related field and/or equivalent years of education and experience working in a related field
2-4 years experience in Information Technology and/or Information Security experience
Certified Information Systems Security Professional (CISSP) desired
Knowledge of policies and procedures related to GDPR, CCPA, and PCI
Excellent interpersonal, verbal, and written communication skills with the ability to communicate compliance related concepts to a broad range of technical and non-technical staff
Successful experience working, collaborating, and establishing credibility and relationships with senior leadership, colleagues, and clients
Demonstrated success working with internal audit, external auditors, outside consultants, and legal affairs and experience leading large-scale projects